Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,438
Erlang
29
GitHub Actions
16
Go
1,663
Maven
4,922
npm
3,450
NuGet
594
pip
2,853
Pub
10
RubyGems
823
Rust
764
Swift
34
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Reflected cross-site scripting vulnerability in [MailForm01] free edition (versions which the... Moderate Unreviewed
CVE-2021-20723 was published May 24, 2022
Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1... High Unreviewed
CVE-2018-19860 was published May 24, 2022
Lexiglot through 2014-11-20 allows CSRF. Moderate Unreviewed
CVE-2014-8942 was published May 17, 2022
Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter. Moderate Unreviewed
CVE-2014-8943 was published May 17, 2022
admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and... High Unreviewed
CVE-2014-8945 was published May 17, 2022
Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin... High Unreviewed
CVE-2014-8941 was published May 17, 2022
Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a... Low Unreviewed
CVE-2014-8938 was published May 17, 2022
Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the... Low Unreviewed
CVE-2014-8944 was published May 17, 2022
Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path)... Moderate Unreviewed
CVE-2014-8939 was published May 17, 2022
Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and... Moderate Unreviewed
CVE-2014-8940 was published May 17, 2022
Lexiglot through 2014-11-20 allows denial of service because api/update.php launches svn update... Moderate Unreviewed
CVE-2014-8937 was published May 17, 2022
It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce... High Unreviewed
CVE-2014-8183 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird... Moderate Unreviewed
CVE-2013-6674 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird... Moderate Unreviewed
CVE-2014-2018 was published May 17, 2022
Arbitrary file write in NumPy Moderate
CVE-2014-1858 was published for numpy (pip) May 14, 2022
jhutchings1
Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers... High Unreviewed
CVE-2014-10069 was published May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Jasypt High
CVE-2014-9970 was published for org.jasypt:jasypt (Maven) May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts... Critical Unreviewed
CVE-2014-9972 was published May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts... Critical Unreviewed
CVE-2014-9971 was published May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check... Critical Unreviewed
CVE-2014-9981 was published May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow... Critical Unreviewed
CVE-2014-9976 was published May 14, 2022
The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows... Low Unreviewed
CVE-2013-2929 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400... Critical Unreviewed
CVE-2014-9996 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile... Critical Unreviewed
CVE-2014-9985 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400... Critical Unreviewed
CVE-2014-9994 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API